
Flash Player Plug-in Virus



#1 Ravenmahdi


Posted 10 December 2012 - 04:14 AM

Hello,
I am running Windows 7 on my laptop with the latest version of Firefox.
Recently, I started seeing hyperlinks for certain words or phrases like "phone" or "computer" generated by "Coupon Dropdown". I scanned with Ad-Aware and it removed some stuff, but the hyperlinks were still there. I did some searching online, found some posts, looked at my recently installed programs, and uninstalled "Flash Player 11.5 Plugin for Firefox" (name not exact). This stopped the hyperlink problem, BUT my computer is still acting very strange. If I try to run a Malwarebytes full scan and leave the computer to scan, when I come back it has crashed and rebooted. Also, whenever the computer reboots, the Command Prompt pops up for a second before any startup programs are loaded. It also seems like there are a lot of SVChost processes running in my Task Manager. I have run a scan with Ad-Aware that found some stuff that I removed that stays seemingly removed, and I am running a scan with AVG right now, but I have a feeling whatever this is won't be found by either of those programs. Any suggestions or help would be greatly appreciated, as this is my work laptop and I can't have it compromised. Thanks!

Raven



#2 Ravenmahdi


Posted 10 December 2012 - 01:43 PM

Finished AVG scan and found nothing. Uninstalled Flash and made sure I got the new version direct from the Adobe website, and the hyperlinks from Coupon Dropdown came right back. Do I have some virus that somehow piggybacks on the Flash install? I also seem to have a ton of svchost.exes running in my processes. Any suggestions as to what to do next?

Edited by Ravenmahdi, 10 December 2012 - 01:43 PM.


#3 boopme


Posted 16 December 2012 - 12:10 PM

Hello, sounds like you have "Text Enhance". It is not actually a virus, but it is annoying.

Let's scan for adware and also check add-ons.

Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.





Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



In IE, go to Tools, Manage Add-ons, Toolbars and Extensions and disable the I Want This extension.
In Google Chrome, click on the spanner icon at the top right of the page, go to Tools and do the same.
Then restart your browser; it should be gone.
Now go to your Control Panel and remove/uninstall the program I Want This.

#4 Ravenmahdi


Posted 17 December 2012 - 12:56 AM

Here is TDSS Log
23:53:03.0667 21380 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:53:03.0670 21380 mpsdrv - ok
23:53:03.0719 21380 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:53:03.0742 21380 MpsSvc - ok
23:53:03.0786 21380 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:53:03.0793 21380 MRxDAV - ok
23:53:03.0836 21380 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:53:03.0839 21380 mrxsmb - ok
23:53:03.0862 21380 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:53:03.0885 21380 mrxsmb10 - ok
23:53:03.0926 21380 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:53:03.0929 21380 mrxsmb20 - ok
23:53:03.0971 21380 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
23:53:03.0975 21380 msahci - ok
23:53:04.0003 21380 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:53:04.0008 21380 msdsm - ok
23:53:04.0030 21380 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
23:53:04.0037 21380 MSDTC - ok
23:53:04.0101 21380 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:53:04.0162 21380 Msfs - ok
23:53:04.0181 21380 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:53:04.0183 21380 mshidkmdf - ok
23:53:04.0232 21380 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:53:04.0257 21380 msisadrv - ok
23:53:04.0301 21380 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:53:04.0308 21380 MSiSCSI - ok
23:53:04.0321 21380 msiserver - ok
23:53:04.0362 21380 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:53:04.0365 21380 MSKSSRV - ok
23:53:04.0473 21380 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
23:53:04.0474 21380 MsMpSvc - ok
23:53:04.0496 21380 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:53:04.0498 21380 MSPCLOCK - ok
23:53:04.0522 21380 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:53:04.0525 21380 MSPQM - ok
23:53:04.0546 21380 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:53:04.0550 21380 MsRPC - ok
23:53:04.0599 21380 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:53:04.0608 21380 mssmbios - ok
23:53:04.0624 21380 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:53:04.0626 21380 MSTEE - ok
23:53:04.0653 21380 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:53:04.0655 21380 MTConfig - ok
23:53:04.0677 21380 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
23:53:04.0686 21380 Mup - ok
23:53:04.0743 21380 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
23:53:04.0750 21380 napagent - ok
23:53:04.0785 21380 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:53:04.0792 21380 NativeWifiP - ok
23:53:04.0860 21380 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:53:04.0895 21380 NDIS - ok
23:53:04.0926 21380 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:53:04.0929 21380 NdisCap - ok
23:53:04.0959 21380 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:53:05.0000 21380 NdisTapi - ok
23:53:05.0044 21380 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:53:05.0047 21380 Ndisuio - ok
23:53:05.0095 21380 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:53:05.0104 21380 NdisWan - ok
23:53:05.0115 21380 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:53:05.0117 21380 NDProxy - ok
23:53:05.0153 21380 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:53:05.0162 21380 NetBIOS - ok
23:53:05.0198 21380 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:53:05.0203 21380 NetBT - ok
23:53:05.0218 21380 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
23:53:05.0221 21380 Netlogon - ok
23:53:05.0286 21380 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
23:53:05.0295 21380 Netman - ok
23:53:05.0320 21380 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
23:53:05.0337 21380 netprofm - ok
23:53:05.0381 21380 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:53:05.0384 21380 NetTcpPortSharing - ok
23:53:05.0432 21380 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:53:05.0438 21380 nfrd960 - ok
23:53:05.0497 21380 [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:53:05.0500 21380 NisDrv - ok
23:53:05.0555 21380 [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
23:53:05.0559 21380 NisSrv - ok
23:53:05.0600 21380 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:53:05.0607 21380 NlaSvc - ok
23:53:05.0630 21380 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:53:05.0632 21380 Npfs - ok
23:53:05.0667 21380 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
23:53:05.0670 21380 nsi - ok
23:53:05.0686 21380 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:53:05.0688 21380 nsiproxy - ok
23:53:05.0759 21380 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:53:05.0794 21380 Ntfs - ok
23:53:05.0816 21380 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
23:53:05.0817 21380 Null - ok
23:53:05.0851 21380 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:53:05.0854 21380 nvraid - ok
23:53:05.0907 21380 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:53:05.0910 21380 nvstor - ok
23:53:05.0935 21380 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:53:05.0938 21380 nv_agp - ok
23:53:06.0042 21380 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:53:06.0051 21380 odserv - ok
23:53:06.0085 21380 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:53:06.0088 21380 ohci1394 - ok
23:53:06.0137 21380 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:53:06.0169 21380 ose - ok
23:53:06.0238 21380 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:53:06.0294 21380 p2pimsvc - ok
23:53:06.0320 21380 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
23:53:06.0362 21380 p2psvc - ok
23:53:06.0412 21380 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:53:06.0421 21380 Parport - ok
23:53:06.0472 21380 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:53:06.0476 21380 partmgr - ok
23:53:06.0498 21380 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
23:53:06.0502 21380 Parvdm - ok
23:53:06.0530 21380 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:53:06.0537 21380 PcaSvc - ok
23:53:06.0559 21380 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
23:53:06.0563 21380 pci - ok
23:53:06.0608 21380 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
23:53:06.0609 21380 pciide - ok
23:53:06.0640 21380 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:53:06.0644 21380 pcmcia - ok
23:53:06.0718 21380 [ A2AC545AB59AB2A564058B9A60F6456F ] PCPitstop Scheduling C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
23:53:06.0777 21380 PCPitstop Scheduling - ok
23:53:06.0806 21380 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
23:53:06.0808 21380 pcw - ok
23:53:06.0844 21380 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:53:06.0889 21380 PEAUTH - ok
23:53:06.0969 21380 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:53:07.0004 21380 PeerDistSvc - ok
23:53:07.0164 21380 [ ACC93675D78D1C07DAD09D7837F2397A ] pgsql-8.3 C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
23:53:07.0258 21380 pgsql-8.3 - ok
23:53:07.0341 21380 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
23:53:07.0389 21380 pla - ok
23:53:07.0445 21380 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:53:07.0452 21380 PlugPlay - ok
23:53:07.0526 21380 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
23:53:07.0531 21380 PnkBstrA - ok
23:53:07.0569 21380 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:53:07.0576 21380 PNRPAutoReg - ok
23:53:07.0606 21380 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:53:07.0613 21380 PNRPsvc - ok
23:53:07.0643 21380 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:53:07.0662 21380 PolicyAgent - ok
23:53:07.0714 21380 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
23:53:07.0719 21380 Power - ok
23:53:07.0761 21380 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:53:07.0764 21380 PptpMiniport - ok
23:53:07.0796 21380 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:53:07.0798 21380 Processor - ok
23:53:07.0867 21380 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
23:53:07.0873 21380 ProfSvc - ok
23:53:07.0890 21380 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:53:07.0892 21380 ProtectedStorage - ok
23:53:07.0931 21380 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:53:07.0934 21380 Psched - ok
23:53:07.0992 21380 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:53:08.0049 21380 ql2300 - ok
23:53:08.0091 21380 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:53:08.0096 21380 ql40xx - ok
23:53:08.0134 21380 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
23:53:08.0143 21380 QWAVE - ok
23:53:08.0163 21380 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:53:08.0193 21380 QWAVEdrv - ok
23:53:08.0218 21380 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:53:08.0251 21380 RasAcd - ok
23:53:08.0301 21380 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:53:08.0303 21380 RasAgileVpn - ok
23:53:08.0323 21380 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
23:53:08.0328 21380 RasAuto - ok
23:53:08.0348 21380 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:53:08.0365 21380 Rasl2tp - ok
23:53:08.0422 21380 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
23:53:08.0445 21380 RasMan - ok
23:53:08.0457 21380 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:53:08.0465 21380 RasPppoe - ok
23:53:08.0488 21380 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:53:08.0492 21380 RasSstp - ok
23:53:08.0533 21380 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:53:08.0566 21380 rdbss - ok
23:53:08.0583 21380 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:53:08.0585 21380 rdpbus - ok
23:53:08.0624 21380 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:53:08.0627 21380 RDPCDD - ok
23:53:08.0676 21380 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:53:08.0679 21380 RDPDR - ok
23:53:08.0709 21380 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:53:08.0711 21380 RDPENCDD - ok
23:53:08.0740 21380 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:53:08.0742 21380 RDPREFMP - ok
23:53:08.0835 21380 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:53:08.0837 21380 RdpVideoMiniport - ok
23:53:08.0890 21380 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:53:08.0916 21380 RDPWD - ok
23:53:08.0974 21380 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:53:08.0978 21380 rdyboost - ok
23:53:09.0016 21380 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
23:53:09.0027 21380 RemoteAccess - ok
23:53:09.0070 21380 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:53:09.0075 21380 RemoteRegistry - ok
23:53:09.0113 21380 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:53:09.0143 21380 RpcEptMapper - ok
23:53:09.0175 21380 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
23:53:09.0178 21380 RpcLocator - ok
23:53:09.0208 21380 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
23:53:09.0213 21380 RpcSs - ok
23:53:09.0245 21380 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:53:09.0249 21380 rspndr - ok
23:53:09.0296 21380 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:53:09.0298 21380 s3cap - ok
23:53:09.0338 21380 [ FEC4F19C80F623C3BFB386FC815BCD30 ] s916bus C:\Windows\system32\DRIVERS\s916bus.sys
23:53:09.0356 21380 s916bus - ok
23:53:09.0405 21380 [ A6F154DA17CAFD5743F552B1A88B2C32 ] s916mdfl C:\Windows\system32\DRIVERS\s916mdfl.sys
23:53:09.0409 21380 s916mdfl - ok
23:53:09.0458 21380 [ B4362E96E0A9D258CF5C7CA7AD28958A ] s916mdm C:\Windows\system32\DRIVERS\s916mdm.sys
23:53:09.0461 21380 s916mdm - ok
23:53:09.0491 21380 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
23:53:09.0493 21380 SamSs - ok
23:53:09.0664 21380 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
23:53:09.0759 21380 SBAMSvc - ok
23:53:09.0828 21380 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:53:09.0831 21380 sbp2port - ok
23:53:09.0881 21380 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:53:09.0886 21380 SCardSvr - ok
23:53:09.0905 21380 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:53:09.0910 21380 scfilter - ok
23:53:09.0965 21380 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
23:53:09.0999 21380 Schedule - ok
23:53:10.0050 21380 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:53:10.0051 21380 SCPolicySvc - ok
23:53:10.0097 21380 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:53:10.0119 21380 SDRSVC - ok
23:53:10.0170 21380 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:53:10.0172 21380 secdrv - ok
23:53:10.0189 21380 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
23:53:10.0222 21380 seclogon - ok
23:53:10.0295 21380 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
23:53:10.0301 21380 SENS - ok
23:53:10.0334 21380 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:53:10.0338 21380 SensrSvc - ok
23:53:10.0367 21380 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:53:10.0375 21380 Serenum - ok
23:53:10.0403 21380 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:53:10.0406 21380 Serial - ok
23:53:10.0432 21380 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:53:10.0433 21380 sermouse - ok
23:53:10.0496 21380 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
23:53:10.0502 21380 SessionEnv - ok
23:53:10.0546 21380 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:53:10.0548 21380 sffdisk - ok
23:53:10.0580 21380 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:53:10.0583 21380 sffp_mmc - ok
23:53:10.0604 21380 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:53:10.0610 21380 sffp_sd - ok
23:53:10.0630 21380 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:53:10.0632 21380 sfloppy - ok
23:53:10.0690 21380 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:53:10.0699 21380 SharedAccess - ok
23:53:10.0747 21380 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:53:10.0766 21380 ShellHWDetection - ok
23:53:10.0804 21380 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:53:10.0806 21380 sisagp - ok
23:53:10.0839 21380 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:53:10.0841 21380 SiSRaid2 - ok
23:53:10.0860 21380 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:53:10.0862 21380 SiSRaid4 - ok
23:53:11.0009 21380 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:53:11.0088 21380 Skype C2C Service - ok
23:53:11.0186 21380 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
23:53:11.0190 21380 SkypeUpdate - ok
23:53:11.0232 21380 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:53:11.0239 21380 Smb - ok
23:53:11.0297 21380 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:53:11.0304 21380 SNMPTRAP - ok
23:53:11.0335 21380 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
23:53:11.0337 21380 spldr - ok
23:53:11.0394 21380 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
23:53:11.0401 21380 Spooler - ok
23:53:11.0498 21380 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
23:53:11.0600 21380 sppsvc - ok
23:53:11.0649 21380 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:53:11.0653 21380 sppuinotify - ok
23:53:11.0704 21380 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:53:11.0712 21380 srv - ok
23:53:11.0741 21380 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:53:11.0747 21380 srv2 - ok
23:53:11.0794 21380 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:53:11.0797 21380 srvnet - ok
23:53:11.0839 21380 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:53:11.0845 21380 SSDPSRV - ok
23:53:11.0863 21380 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:53:11.0878 21380 SstpSvc - ok
23:53:11.0912 21380 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:53:11.0914 21380 stexstor - ok
23:53:11.0978 21380 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
23:53:11.0999 21380 StiSvc - ok
23:53:12.0024 21380 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:53:12.0026 21380 storflt - ok
23:53:12.0073 21380 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:53:12.0075 21380 storvsc - ok
23:53:12.0091 21380 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
23:53:12.0092 21380 swenum - ok
23:53:12.0127 21380 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
23:53:12.0161 21380 swprv - ok
23:53:12.0180 21380 Synth3dVsc - ok
23:53:12.0266 21380 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
23:53:12.0313 21380 SysMain - ok
23:53:12.0369 21380 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:53:12.0375 21380 TabletInputService - ok
23:53:12.0423 21380 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
23:53:12.0430 21380 TapiSrv - ok
23:53:12.0458 21380 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
23:53:12.0463 21380 TBS - ok
23:53:12.0545 21380 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:53:12.0579 21380 Tcpip - ok
23:53:12.0629 21380 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:53:12.0639 21380 TCPIP6 - ok
23:53:12.0686 21380 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:53:12.0688 21380 tcpipreg - ok
23:53:12.0740 21380 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:53:12.0742 21380 TDPIPE - ok
23:53:12.0790 21380 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:53:12.0793 21380 TDTCP - ok
23:53:12.0850 21380 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:53:12.0852 21380 tdx - ok
23:53:12.0869 21380 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:53:12.0872 21380 TermDD - ok
23:53:12.0931 21380 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
23:53:12.0951 21380 TermService - ok
23:53:13.0000 21380 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
23:53:13.0006 21380 Themes - ok
23:53:13.0036 21380 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
23:53:13.0038 21380 THREADORDER - ok
23:53:13.0080 21380 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
23:53:13.0084 21380 TrkWks - ok
23:53:13.0153 21380 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:53:13.0186 21380 TrustedInstaller - ok
23:53:13.0240 21380 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:53:13.0242 21380 tssecsrv - ok
23:53:13.0294 21380 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:53:13.0298 21380 TsUsbFlt - ok
23:53:13.0310 21380 tsusbhub - ok
23:53:13.0375 21380 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:53:13.0378 21380 tunnel - ok
23:53:13.0420 21380 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:53:13.0422 21380 uagp35 - ok
23:53:13.0470 21380 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:53:13.0491 21380 udfs - ok
23:53:13.0536 21380 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:53:13.0553 21380 UI0Detect - ok
23:53:13.0602 21380 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:53:13.0608 21380 uliagpkx - ok
23:53:13.0645 21380 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
23:53:13.0648 21380 umbus - ok
23:53:13.0673 21380 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:53:13.0675 21380 UmPass - ok
23:53:13.0720 21380 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
23:53:13.0726 21380 UmRdpService - ok
23:53:13.0751 21380 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
23:53:13.0758 21380 upnphost - ok
23:53:13.0826 21380 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
23:53:13.0828 21380 USBAAPL - ok
23:53:13.0899 21380 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:53:13.0903 21380 usbaudio - ok
23:53:13.0948 21380 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:53:13.0951 21380 usbccgp - ok
23:53:13.0994 21380 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:53:14.0007 21380 usbcir - ok
23:53:14.0025 21380 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:53:14.0028 21380 usbehci - ok
23:53:14.0081 21380 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:53:14.0115 21380 usbhub - ok
23:53:14.0161 21380 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:53:14.0172 21380 usbohci - ok
23:53:14.0204 21380 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:53:14.0208 21380 usbprint - ok
23:53:14.0255 21380 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:53:14.0260 21380 USBSTOR - ok
23:53:14.0312 21380 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:53:14.0314 21380 usbuhci - ok
23:53:14.0356 21380 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
23:53:14.0360 21380 UxSms - ok
23:53:14.0383 21380 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
23:53:14.0388 21380 VaultSvc - ok
23:53:14.0435 21380 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:53:14.0437 21380 vdrvroot - ok
23:53:14.0489 21380 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
23:53:14.0510 21380 vds - ok
23:53:14.0545 21380 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:53:14.0559 21380 vga - ok
23:53:14.0587 21380 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:53:14.0591 21380 VgaSave - ok
23:53:14.0603 21380 VGPU - ok
23:53:14.0646 21380 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:53:14.0650 21380 vhdmp - ok
23:53:14.0688 21380 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:53:14.0701 21380 viaagp - ok
23:53:14.0731 21380 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
23:53:14.0733 21380 ViaC7 - ok
23:53:14.0761 21380 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
23:53:14.0769 21380 viaide - ok
23:53:14.0843 21380 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:53:14.0847 21380 vmbus - ok
23:53:14.0875 21380 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:53:14.0883 21380 VMBusHID - ok
23:53:14.0926 21380 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:53:14.0928 21380 volmgr - ok
23:53:14.0960 21380 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:53:14.0979 21380 volmgrx - ok
23:53:15.0014 21380 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:53:15.0019 21380 volsnap - ok
23:53:15.0076 21380 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:53:15.0111 21380 vsmraid - ok
23:53:19.0164 21380 ============================================================
23:53:19.0164 21380 Scan finished
23:53:19.0164 21380 ============================================================
23:53:19.0183 22516 Detected object count: 0
23:53:19.0183 22516 Actual detected object count: 0

#5 boopme

Posted 17 December 2012 - 10:42 AM

Any luck with adw cleaner or the Add Ons?

#6 Ravenmahdi

Posted 17 December 2012 - 12:29 PM

Something is seriously wrong lol, now my computer keeps telling me that my hard drive is going to die and I should copy all data before it dies. It takes like 30 minutes for the computer to boot up and sometimes I can't get anything (programs, Firefox, Control Panel) to even open. The AdwCleaner downloaded in Spanish (I guess because I am in Costa Rica grrrrr) and I ran it and it gave me the text file, but it ate the text file because I couldn't open anything and had to reboot, and now I guess it didn't save. I find it hard to believe that I started getting all these BSODs and this text dropdown crap at the same time and now my laptop is gonna die? It's working right now, so I am trying to save what I can and move it to a dinosaur laptop I have. Once I have as much as I can saved I will try the AdwCleaner again and post the file. Any other programs I should try? I'm thinking this is more than just adware.

#7 Ravenmahdi

Posted 17 December 2012 - 12:48 PM

Also, there were no add-ons with the names you mentioned and no program called "I want this" in my programs to uninstall.

#8 boopme

Posted 17 December 2012 - 12:54 PM

Let's move you and get a deeper look. May not be a bad idea to back up any important docs.


Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.

Include this link back to here

http://www.bleepingcomputer.com/forums/topic477978.html/page__pid__2923703#top

#9 Ravenmahdi

Posted 17 December 2012 - 01:00 PM

Backing them up now, but all I got is a little stick to move files over to my dinosaur laptop, so I will go through the guide and post a new topic when done. Thanks so much!

#10 Ravenmahdi

Posted 17 December 2012 - 04:49 PM

Found the AdwCleaner log.
Sorry about the Spanish.



#11 boopme

Posted 17 December 2012 - 08:37 PM

OK, let's do these then.

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode


Clear your web browser's cache, cookies, and history


Try to Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, post new scan log and reboot into normal mode.



If that was successful or not, reboot back to normal mode and I'd like us to scan your machine with ESET OnlineScan.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the installer icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 17 December 2012 - 08:40 PM.
